export default {
  upload: `// 上传文件 (危险)
async dangerousUploadFile(files: any) {
  checkEssentialParams(files);
  const [file] = files;
  const suffix = file.filename.split('.')[1];

  // 判断文件类型是否符合
  if (!['jpg', 'jpeg', 'png'].includes(suffix)) {
    throw new FileFormatError();
  }

  // 读取保存文件
  await new Promise(resolve => {
    readFile(file.data, (err, data) => {
      if (err) {
        throw new ResourceNotFound();
      } else {
        writeFile(\`./upload/\${file.filename}\`, data, () => {
          resolve('');
        });
      }
    });
  });

  return {
    filename: file.filename,
  };
}`,
  download: `// uploadService
async getResource(
  type: UploadType,
  filename: string,
  isDangerous: boolean = false
) {
  if (!isDangerous && filename.indexOf('/') !== -1) {
    throw new FileFormatError();
  }
  return createReadStream(\`./upload/\${type}/\${filename}\`);
}
// FileController
@Get('/fileDownload')
async fileDangerousDownload(@Query('filename') filename: string) {
  this.ctx.set('Content-Disposition', \`attachment; filename=\${filename}\`);
  return this.uploadService.getResource('vulnerable', filename, true);
}`,
};
